epoll: be better about file lifetimes
epoll can call out to vfs_poll() with a file pointer that may race with
the last 'fput()'. That would make f_count go down to zero, and while
the ep->mtx locking means that the resulting file pointer tear-down will
be blocked until the poll returns, it means that f_count is already
dead, and any use of it won't actually get a reference to the file any
more: it's dead regardless.
Make sure we have a valid ref on the file pointer before we call down to
vfs_poll() from the epoll routines.
Metrics
Affected Vendors & Products
Source | ID | Title |
---|---|---|
![]() |
USN-6949-1 | Linux kernel vulnerabilities |
![]() |
USN-6949-2 | Linux kernel vulnerabilities |
![]() |
USN-6952-1 | Linux kernel vulnerabilities |
![]() |
USN-6955-1 | Linux kernel (OEM) vulnerabilities |
![]() |
USN-7007-1 | Linux kernel vulnerabilities |
![]() |
USN-7007-2 | Linux kernel vulnerabilities |
![]() |
USN-7007-3 | Linux kernel vulnerabilities |
![]() |
USN-7009-1 | Linux kernel vulnerabilities |
![]() |
USN-7009-2 | Linux kernel vulnerabilities |
![]() |
USN-7019-1 | Linux kernel vulnerabilities |
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Mon, 20 Oct 2025 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:* |
|
Vendors & Products |
Linux
Linux linux Kernel |
|
Metrics |
cvssV3_1
|
cvssV3_1
|
Tue, 05 Nov 2024 10:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 12 Sep 2024 08:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: Linux
Published:
Updated: 2025-05-04T09:14:33.781Z
Reserved: 2024-06-18T19:36:34.927Z
Link: CVE-2024-38580

Updated: 2024-08-02T04:12:25.965Z

Status : Analyzed
Published: 2024-06-19T14:15:18.057
Modified: 2025-10-20T22:09:26.253
Link: CVE-2024-38580


No data.